/**
 * Build a Comment fixture: author 'niko', content 'Booh.', attached to an
 * article created from the given languages.
 *
 * @param array $articleLangs Passed unchanged to article().
 * @return Comment
 */
function comment(array $articleLangs = array())
{
    $fixture = new Comment();

    // Same call order as before: author first, then content, then article.
    $writer = author('niko');
    $fixture->setAuthor($writer);

    $fixture->content = 'Booh.';

    $target = article($articleLangs);
    $fixture->setArticle($target);

    return $fixture;
}
<?php // modPersonne.php // Modification d'une personne dans la table personnes // Vérification de la connexion include './authcheck.php'; if (!isset($_SESSION['IDtrombi'])) { die('({state:"failed",error:"logOff"})'); } // Avec le rang 7 on peut modifier n'importe qui // Avec un rang user on peut modifier une des ses propres propositions // Avec le rang 2 on peut modifier une de ses suggestions if (isset($_POST['ID'])) { $id = $_POST['ID']; if (author("modPerson", array('ID' => $id))) { require_once './conx/connexion.php'; // Dans le cas d'une modification par user ou waiting_user, on veut vérifier // que le compte est bien propriétaire de l'item à modifier if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) { $select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;'); $select->execute(array('id' => $id, 'idA' => $_SESSION['IDtrombi'])); if ($select->fetchColumn() == '0') { die('({state:"failed",error:"You are not owner of this item"})'); } } // Il faut au moins une vérification, sans quoi la modification est inutile $requete = ''; $params = array('id' => $id, 'date' => date('Y-m-d'), 'heure' => date('H:i:s')); if (isset($_POST['NOM'])) { $requete = $requete . " NOM=:nom,"; $params['nom'] = $_POST['NOM']; }
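/**
 * Expand the wiki markup in a page's source text and return the rendered text.
 *
 * Passes run in a fixed order, each over the output of the previous one:
 * [[INCLUDE]], [[SETVAR]], [[CALC]]/[[RCALC]] (disabled), [[VAR]], [[RECENT]],
 * [[INDEX]], [[LOCKED]], [[ALLBY]], [[SEARCH]], [[MACRO]], [[CAL]], a second
 * [[VAR]] pass, ((wiki links)), <aqWikiNoProcess> shielding, textile(), then
 * [CC]/[CMD], [[CAL]], [[TEXTAREA]], [[RAWVAR]] and [[NOPROCESS]] restoration.
 *
 * Reads the globals $dataSource and $_CONFIG and reads/writes $_EXTRAS.
 *
 * NOTE(review): matched markup (lock user lists, link titles, variable values,
 * included pages) is spliced into HTML without escaping. Whether that is safe
 * depends on who may edit pages and on what textile() lets through - confirm.
 *
 * @param string $text Page source.
 * @param string $wiki Wiki name; appended to the base URL unless
 *                     $_CONFIG['oneWiki'] is set, and passed to recent().
 * @return string Processed text.
 */
function process($text, $wiki)
{
    global $dataSource;
    global $_EXTRAS;
    global $_CONFIG;

    $text = $text . "\n\n";
    if ($_CONFIG['oneWiki']) {
        $base = $_CONFIG['base'];
    } else {
        $base = $_CONFIG['base'] . "/" . $wiki;
    }

    // Declared on first use only: an unconditional nested declaration is a fatal
    // "cannot redeclare" the second time process() runs in one request. The body
    // used ereg_replace() (removed in PHP 7) with a pattern that never matched
    // whitespace; the POSIX class now sits inside a bracket expression.
    if (!function_exists('stripSpaces')) {
        function stripSpaces($text)
        {
            return preg_replace("/[[:space:]]/", "", $text);
        }
    }

    // Markers are replaced with str_replace(): each search string is a literal,
    // and preg_replace() would interpret "$1" / "\1" inside the inserted content
    // as back-references and corrupt it.

    // [[INCLUDE|page]]
    preg_match_all("/\\[\\[INCLUDE\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $include = $dataSource->getContent($matches[1][$index]);
        $text = str_replace($match, $include, $text);
    }

    // [[SETVAR|var|value]] - store the value and drop the marker.
    preg_match_all("/\\[\\[SETVAR\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $text = str_replace($match, "", $text);
        $_EXTRAS[$matches[1][$index]] = $matches[2][$index];
    }

    // [[CALC|var|opp]] - formerly built and eval()'d an expression from page
    // text; only the placeholder comment is emitted now.
    preg_match_all("/\\[\\[CALC\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $text = str_replace($match, "<!-- Calculate functions removed -->", $text);
    }

    // [[RCALC|ropp|var]] - disabled for the same reason as CALC.
    preg_match_all("/\\[\\[RCALC\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $text = str_replace($match, "<!-- Calculate functions removed -->", $text);
    }

    // [[VAR|name]] - first pass; an unset variable expands to nothing, as before.
    preg_match_all("/\\[\\[VAR\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $name = $matches[1][$index];
        $var = isset($_EXTRAS[$name]) ? $_EXTRAS[$name] : '';
        $text = str_replace($match, $var, $text);
    }

    if (preg_match("#\\[\\[RECENT\\]\\]#", $text)) {
        $text = str_replace("[[RECENT]]", recent($wiki), $text);
    }
    if (preg_match("/\\[\\[INDEX\\]\\]/", $text)) {
        $text = str_replace("[[INDEX]]", index(), $text);
    }

    // [[LOCKED|user1,user2]] - doAuth() is called with the raw user list before
    // the notice is rendered.
    preg_match_all("/\\[\\[LOCKED\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $users = $matches[1][$index];
        doAuth($users, "view this");
        $users_array = explode(',', $users);
        if (count($users_array) == 1) {
            $users_text = $users;
        } else {
            $last = array_pop($users_array);
            $users_text = implode(", ", $users_array) . ' & ' . $last;
        }
        $text = str_replace($match, '<div class="locked">Page is locked to ' . $users_text . ' </div>', $text);
    }

    // [[ALLBY|user]] - search by author.
    preg_match_all("/\\[\\[ALLBY\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $result = author($matches[1][$index]);
        $text = str_replace($match, $result, $text);
    }

    // [[SEARCH|term]] - arbitrary search.
    preg_match_all("/\\[\\[SEARCH\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $datum = $matches[1][$index];
        $result = $dataSource->search($datum);
        $text = str_replace($match, $result, $text);
    }

    // [[MACRO|macroname|command]] or [[MACRO|macroname|command|arg1,arg2]]
    $macros = array();
    preg_match_all("/\\[\\[MACRO\\|(.*?)\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $return = "";
        $macro = $matches[1][$index];
        $command = $matches[2][$index];
        $params = false;
        if ($pos = strpos($command, '|')) {
            $params = explode(',', substr($command, $pos + 1));
            $command = substr($command, 0, $pos);
        }
        debug("Macro: {$macro}: {$command}");

        // The macro name comes from page text and is used both as an include
        // path and as a class name. Only a plain identifier is accepted, so the
        // name cannot contain path separators, "..", stream wrappers or a
        // namespace. Anything else falls through to "not defined" below.
        if (!isset($macros[$macro]) && preg_match('/\\A[A-Za-z_][A-Za-z0-9_]*\\z/', $macro)) {
            $macroFile = "macros/" . $macro . ".inc";
            if (file_exists($macroFile)) {
                // include_once: a later process() call in the same request must
                // not redeclare the macro class.
                include_once $macroFile;
                $macros[$macro] = new $macro($dataSource, $_EXTRAS);
            }
        }

        if (!isset($macros[$macro])) {
            // Macro load failed.
            $return = "*!!Macro " . $macro . " not defined!!*";
        } elseif ($command == "INIT") {
            // Explicit INIT is disabled; the macro is loaded on first use above.
        } elseif ($command == "LIST") {
            $dir = opendir("macros");
            if ($dir !== false) {
                // Compare against false so an entry named "0" does not end the loop.
                while (($line = readdir($dir)) !== false) {
                    if (substr($line, -4) != ".inc") {
                        continue;
                    }
                    $return .= "* {$line}\n";
                }
                closedir($dir);
            }
        } elseif (!in_array($command, get_class_methods($macro), true)) {
            // NOTE(review): every method get_class_methods() reports is callable
            // from page markup; an explicit per-macro command list would be a
            // tighter contract - confirm what macros are expected to expose.
            $return = "Macro {$macro} cannot execute {$command}";
        } else {
            if ($params) {
                $return = $macros[$macro]->{$command}($params);
            } else {
                $return = $macros[$macro]->{$command}();
            }
        }

        $text = str_replace($match, $return, $text);
        $_EXTRAS[$macro] = $matches[2][$index];
    }

    // [[CAL|year-mm-dd|Event]] - leave an anchor in the text and collect the
    // event for the calendar rendered at [[CAL]].
    preg_match_all("/\\[\\[CAL\\|(....)\\-(..)\\-(..)\\|(.*?)\\]\\]/", $text, $matches);
    $calendar = array();
    $caltext = "";
    foreach ($matches[0] as $index => $match) {
        $link = preg_replace("/(\\W)/", "", $matches[4][$index]);
        $text = str_replace($match, "<a name=\"" . $link . "\"></a>", $text);
        $calendar[$matches[1][$index]][$matches[2][$index]][$matches[3][$index]] = $matches[4][$index];
    }

    // [[VAR|name]] - second pass, for markers that appeared after the first one.
    preg_match_all("/\\[\\[VAR\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        if (isset($_EXTRAS[$matches[1][$index]])) {
            $var = $_EXTRAS[$matches[1][$index]];
        } else {
            $var = '[ERR: ' . $matches[1][$index] . ' Undefined]';
        }
        $text = str_replace($match, $var, $text);
    }

    // Render every month between the first and last month that has an event.
    foreach ($calendar as $year => $ydata) {
        $months = array_keys($ydata);
        foreach (range(min($months), max($months)) as $month) {
            if ($month < 10) {
                $month = "0" . $month;
            }
            // Months without events still reach calendar(), with null data.
            $mdata = isset($ydata[$month]) ? $ydata[$month] : null;
            $caltext .= calendar($mdata, $month, $year);
        }
    }

    // ((Title)) and ((Title|Target)) wiki links.
    $links = array();
    preg_match_all("/\\(\\((.*?)\\)\\)/", "\n" . $text . "\n", $matches);
    foreach ($matches[1] as $index => $title) {
        if (!strpos($title, "|")) {
            $link = preg_replace("/(\\W)/", "", $title);
        } else {
            $bang = explode("|", $title);
            $link = preg_replace("/(\\W)/", "", $bang[1]);
            $title = $bang[0];
        }
        // isset() guards the empty "(())" case, where $title has no offset 0.
        if (isset($title[0]) && $title[0] == '~') {
            $link = '~' . $link;
        }
        $links[] = array($matches[0][$index], $link, $title);
    }
    foreach ($links as $entry) {
        $replace = preg_quote($entry[0], '/');
        $stripped = $entry[1];
        $title = $entry[2];
        if (isset($title[0]) && $title[0] == '~') {
            $title = substr($title, 1);
            $link = userLink($title);
        } elseif (!$dataSource->pageExists($stripped)) {
            $link = '<a href="' . $base . "/" . $stripped . '" class="uncreated wiki" title="Uncreated article ' . $title . '">' . $title . '</a>';
        } else {
            $link = '<a href="' . $base . "/" . $stripped . '" class="wiki" title="Internal link to article ' . $title . '">' . $title . '</a>';
        }
        // Escape "\" and "$" so the generated link is inserted literally rather
        // than being parsed for back-references.
        $text = preg_replace("/(\\W|^)" . $replace . "(\\W)/", "\$1" . addcslashes($link, '\\$') . "\$2", $text);
    }

    // Shield <aqWikiNoProcess> sections from textile(). Newlines are folded to
    // [[BR]] first so a section spanning several lines matches the pattern.
    $text = str_replace("\n", '[[BR]]', $text);
    $text = str_replace("\r", '', $text);
    // Function-local store, not the $_EXTRAS global.
    $noProcess = array();
    preg_match_all("/<aqWikiNoProcess>(.*?)<\\/aqWikiNoProcess>/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $id = uniqid();
        $noProcess[$id] = $matches[1][$index];
        $text = str_replace($match, '[[NOPROCESS|' . $id . ']]', $text);
    }
    $text = str_replace("[[BR]]", "\n", $text);

    $text = textile($text);

    // [CC]x[CC] and [CMD]x[CMD] render literal ((x)) and [[x]].
    $text = preg_replace("/\\[CC\\](.*?)\\[CC\\]/", "((\$1))", $text);
    $text = preg_replace("/\\[CMD\\](.*?)\\[CMD\\]/", "[[\$1]]", $text);
    $text = str_replace('[[CAL]]', "<div class=\"calendar\">" . $caltext . "</div>", $text);

    if (!isset($_EXTRAS['textarea'])) {
        $_EXTRAS['textarea'] = "";
    }
    // Literal replacement only: textarea content may contain "$" followed by
    // digits, which a preg_replace() replacement string would swallow.
    $text = str_replace('[[TEXTAREA]]', $_EXTRAS['textarea'], $text);

    // [[RAWVAR|name]] - expanded after textile(), so the value is not marked up.
    preg_match_all("/\\[\\[RAWVAR\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        if (isset($_EXTRAS[$matches[1][$index]])) {
            $var = $_EXTRAS[$matches[1][$index]];
        } else {
            $var = '[ERR: ' . $matches[1][$index] . ' Undefined]';
        }
        $text = str_replace($match, $var, $text);
    }

    // Put the shielded sections back; an id that was never stored expands to
    // nothing.
    preg_match_all("/\\[\\[NOPROCESS\\|(.*?)\\]\\]/", $text, $matches);
    foreach ($matches[0] as $index => $match) {
        $id = $matches[1][$index];
        $text = str_replace($match, isset($noProcess[$id]) ? $noProcess[$id] : '', $text);
    }
    $text = str_replace("[[BR]]", "\n", $text);

    return $text;
}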
<?php // addLien.php // Ajout d'un lien entre un évènement et une personne // Vérification de la connexion include './authcheck.php'; if (!isset($_SESSION['IDtrombi'])) { die('({state:"failed",error:"logOff"})'); } // Vérification de la présence de l'id personne et l'id évènement if (isset($_POST['IDP']) && isset($_POST['IDE'])) { $IDP = $_POST['IDP']; $IDE = $_POST['IDE']; // Droit de modifier la table à partir du rang 7 ou pour un user propriétaire, ou pour un contributeur en cours de session if (author("addLink", array('IDP' => $IDP))) { require_once './conx/connexion.php'; // Dans le cas d'une modification par user ou waiting_user, on veut vérifier // que le compte est bien propriétaire de l'item à modifier if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) { $select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;'); $select->execute(array('id' => $IDP, 'idA' => $_SESSION['IDtrombi'])); if ($select->fetchColumn() == '0') { die('({state:"failed",error:"You are not owner of this item"})'); } } // Préparation de la requète $insertPrepa = $connexion->prepare('INSERT INTO ' . $prefixeDB . 'participations (IDP, IDE) VALUES (:idp , :ide);'); try { // envoie de la requète $insert = $insertPrepa->execute(array('idp' => $IDP, 'ide' => $IDE)); die('({state:"success"})'); } catch (Exception $e) {
<?php // Vérification de l'état de connexion include './authcheck.php'; if (!isset($_SESSION['IDtrombi'])) { die('({state:"failed",error:"logOff"})'); } // Il faut spécifier une personne et un évènement à délier if (isset($_POST['IDP']) && isset($_POST['IDE'])) { $IDP = $_POST['IDP']; $IDE = $_POST['IDE']; // Il faut un rang d'au moins 7 pour modifier la base // Ou user propriétaire de la personne // Ou anonyme en cours de session if (author("removeLink", array('IDP' => $IDP))) { require_once './conx/connexion.php'; // Dans le cas d'une modification par user ou waiting_user, on veut vérifier // que le compte est bien propriétaire de l'item à modifier if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) { $select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;'); $select->execute(array('id' => $IDP, 'idA' => $_SESSION['IDtrombi'])); if ($select->fetchColumn() == '0') { die('({state:"failed",error:"You are not owner of this item"})'); } } // Préparation de la requète $delete = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'participations WHERE IDP=:idp AND IDE=:ide;'); try { // envoie de la requète $delete->execute(array('idp' => $IDP, 'ide' => $IDE)); die('({state:"success"})'); } catch (Exception $e) {
<?php
// Delete an event and every participation row that references it.
// Each exit path answers with a parenthesised object literal carrying `state`.

// Session check
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
    die('({state:"failed",error:"logOff"})');
}

// Rank gate first, then the required parameter (same order as the nested form).
if (!author("delEvent", null)) {
    die('({state:"failed",error:"your rank is too low"})');
}
if (!isset($_POST['idE'])) {
    die('({state:"failed",error:"missing parameters"})');
}

require_once './conx/connexion.php';
$eventId = $_POST['idE'];

// The id is only ever bound as a parameter, never concatenated into the SQL.
$purgeLinks = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'participations WHERE IDE=:ide;');
$purgeEvent = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'evenements WHERE ID=:ide;');
$bound = array('ide' => $eventId);

try {
    // NOTE(review): the two deletes are not wrapped in a transaction here, so a
    // failure of the second leaves the event without its participations.
    $purgeLinks->execute($bound);
    $purgeEvent->execute($bound);
} catch (Exception $e) {
    // NOTE(review): the exception text goes into the response unescaped; a
    // double quote in it breaks the literal, and driver detail reaches the client.
    die('({state:"failed",error:"Del evenement : ' . $e->getMessage() . '"})');
}

die('({state:"success"})');
<?php // modEvenement.php // Ajout ou suppression d'un évènement include './authcheck.php'; if (!isset($_SESSION['IDtrombi'])) { die('({state:"failed",error:"logOff"})'); } if (author("modEvent", null)) { if (isset($_POST['nom'])) { require_once './conx/connexion.php'; $id = $_POST['id']; $nom = $_POST['nom']; if ($id > 0) { $query = $connexion->prepare('UPDATE ' . $prefixeDB . 'evenements SET NOM=:nom WHERE ID=:id;'); try { $query->execute(array('nom' => $nom, 'id' => $id)); } catch (Exception $e) { die('({state:"failed",error:"mod event : ' . $e->getMessage() . '"})'); } die('({state:"success"})'); } else { $query = $connexion->prepare('INSERT INTO ' . $prefixeDB . 'evenements (NOM) VALUES (:nom);'); try { $query->execute(array('nom' => $nom)); $id = $connexion->lastInsertId(); } catch (Exception $e) { die('({state:"failed",error:"add event : ' . $e->getMessage() . '"})'); } die('({state:"success", insertedID:' . $id . '})'); } }
<?php // delPersonne.php // Suppression d'une personne dans la table personnes // Vérification de la connexion include './authcheck.php'; if (!isset($_SESSION['IDtrombi'])) { die('({state:"failed",error:"logOff"})'); } if (isset($_POST['id'])) { $id = $_POST['id']; } else { $id = NULL; } // Pour supprimer une personne il faut être de rang 7 // Ou de rang 2 s'il s'agit d'une de ses propres suggestions if ($id != NULL && author("delPerson", array('ID' => $id))) { require_once './conx/connexion.php'; // Dans le cas d'une modification par user ou waiting_user, on veut vérifier // que le compte est bien propriétaire de l'item à modifier if (RANK == RANG_WAITING_USER || RANK == RANG_USER || RANK == RANG_PRIVILEGED_USER) { $select = $connexion->prepare('SELECT COUNT(*) FROM ' . $prefixeDB . 'personnes WHERE ID=:id AND IDA=:idA;'); $select->execute(array('id' => $id, 'idA' => $_SESSION['IDtrombi'])); if ($select->fetchColumn() == '0') { die('({state:"failed",error:"You are not owner of this item"})'); } } // Préparation des requêtes $selectPersonne = $connexion->prepare('SELECT PHOTO FROM ' . $prefixeDB . 'personnes WHERE ID=:id ;'); // Récupération du nom de la photo pour effacement $deleteParticipations = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'participations WHERE IDP=:idp;'); $deletePersonne = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'personnes WHERE ID=:idp;');
<?php echo '<style>@media screen and (min-width: 1024px) { #content {margin-left:14em;} }</style>'; echo "<article class='box post post-excerpt'>\n\t\t\t\t\t\t\t<header><h2>{$result['Title']}</h2>\n\t\t\t\t\t\t\t" . '<a href="#" class="icon fa-book" style="margin-right:1.5em;color:#666"> ' . reading($result['Id']) . '</a> <a href="#" class="icon fa-check" style="margin-right:1.5em;color:#666"> ' . done($result['Id']) . '</a> <a href="#" class="icon fa-comment" style="margin-right:1.5em;color:#666"> ' . comment($result['Id']) . '</a> ' . author($result['AUTHOR_ID']) . ' ' . cat($result['CATEGORY_ID']) . ' ' . "</header>"; echo '<table style="width:100%"> <tr> <td style="max-width:30%;vertical-align: top;"><a href="' . $home_url . 'books/' . $result['URL'] . '" class="image featured"><img src="' . $home_url . 'images/books/' . $result['Image'] . '" alt="" /></a></td> <td style="padding-left:1em">' . htmlspecialchars_decode($result['Description']) . '</td> </tr> </table>'; if (!empty($_SESSION["user"])) { if (read($result["Id"], $_SESSION["user"]) == 'N') { echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-success">ЧИТАТЬ ОНЛАЙН</button></a></p>'; } if (read($result["Id"], $_SESSION["user"]) == 'D') { echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-success">ОТКРЫТЬ</button></a></p>'; } if (read($result["Id"], $_SESSION["user"]) == 'Y') { echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-primary">ПРОДОЛЖИТЬ ЧТЕНИЕ</button></a></p>'; } } else {
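<?php
// Admin book list: one table row per BOOKS record, with the title rendered as a
// button that posts the book's URL key to the edit page.
$sql_book = mysqli_query($bd, "SELECT * FROM `BOOKS`");

// The row count used to read the undefined $sql_books, so the table was never
// rendered (a TypeError on PHP 8). It now checks the result actually fetched.
if ($sql_book && mysqli_num_rows($sql_book) > 0) {
    $k = 1;
    echo '<table style="width:100%"> <tr> <th>#</th> <th>Название</th> <th>Автор</th> <th>Категория</th> </tr>';

    while ($book = mysqli_fetch_array($sql_book)) {
        // Stored values are escaped before entering the attribute / element
        // context. double_encode is off so text already saved as entities is not
        // encoded twice. Assumes the data is UTF-8 - TODO confirm.
        $bookUrl = htmlspecialchars((string) $book["URL"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $bookTitle = htmlspecialchars((string) $book["Title"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        // NOTE(review): author() and cat() are echoed as returned; presumably
        // they produce ready-made HTML - verify they escape what they read.
        echo '<tr> <td>' . $k . '</td> <td> <form action="' . $admin_page . 'books/edit_book/" method="post" style="display:inline-block;"> <input name="id" value="' . $bookUrl . '" type="hidden"> <button type="submit" class="btn" style="background:transparent;border-color:transparent;color:#428bca;display:inline-block">' . $bookTitle . '</button> </form> </td> <td>' . author($book["AUTHOR_ID"]) . '</td> <td>' . cat($book["CATEGORY_ID"]) . '</td> </tr>';
        $k++;
    }

    // Close the table; the original emitted a second opening tag here.
    echo '</table>';
}
?> </div> </div>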
<?php // addPersonne.php // ajout d'une personne dans la table personnes // Vérification de la connexion include './authcheck.php'; if (!isset($_SESSION['IDtrombi'])) { die('({state:"failed",error:"logOff"})'); } // Avec le rang 7 on ajoute une personne avec un statut normal (SUG=0) // Avec le rang 2 on ajoute une personne avec le statut sugestion (SUG=1) if (author("addNewPerson", null)) { // Il faut au minimum un nom et un prénom if (isset($_POST['NOM']) && isset($_POST['PRENOM'])) { if (isset($_POST['VILLE'])) { $ville = $_POST['VILLE']; } else { $ville = ''; } if (isset($_POST['HOBBY'])) { $hobby = $_POST['HOBBY']; } else { $hobby = ''; } if (isset($_POST['IDREGION'])) { $idr = $_POST['IDREGION']; } else { $idr = -1; } if (isset($_POST['VL'])) { $vl = $_POST['VL']; } else {
; var noRedirect = <?php noRedirect(); ?> ; if (!noRedirect) { window.location.href = './?noRedirect=true&downloadId=' + schematicId; } } </script> <img src="../images/icons/download-2.png" /> <p>You are downloading <b><?php fileName(); ?> </b> which was uploaded by <b><?php author(); ?> </b> using <a href="../">Mordritch's Javascript Redstone Simulator</a>.</p> <p>If the download does not start automatically, click <a href="./?downloadId=<?php id(); ?> ">here</a>.</p> <p>You can also view/edit the schematic online <a href="../#<?php id(); ?> ">here</a> from inside your web browser.</p> </div> <?php } else { ?> <div>
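<?php
// delUser.php
// Delete a user.

// Session check
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
    die('({state:"failed",error:"logOff"})');
}

if (author("delUser", null)) {
    if (isset($_POST['id'])) {
        require_once './conx/connexion.php';
        $id = $_POST['id'];

        // The id is bound as a parameter, never concatenated into the SQL.
        $deleteUser = $connexion->prepare('DELETE FROM ' . $prefixeDB . 'users WHERE ID=:id;');
        try {
            $deleteUser->execute(array('id' => $id));
        } catch (Exception $e) {
            // The message expression was masked as '******' in the listing,
            // which is not valid PHP. Restored as the exception message - confirm.
            // NOTE(review): the message is concatenated unescaped, so a double
            // quote in it breaks the literal and driver detail reaches the client.
            die('({state:"failed",error:"Del user : ' . $e->getMessage() . '"})');
        }
        die('({state:"success"})');
    }
    die('({state:"failed",error:"missing parameters"})');
}
die('({state:"failed",error:"your rank is too low"})');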
$last = mysqli_fetch_array($sql_last); do { echo '<article class="box post post-excerpt"> <header> <h2><a href="' . $home_url . 'books/' . $last['URL'] . '">' . $last['Title'] . '</a></h2> </header> <div class="info"> <span class="date"><span class="day">' . $last['Yaer'] . '</span></span> <ul class="stats"> <li><a href="#" class="icon fa-book ">' . reading($last['Id']) . '</a></li> <li><a href="#" class="icon fa-check">' . done($last['Id']) . '</a></li> <li><a href="#" class="icon fa-comment">' . comment($last['Id']) . '</a></li> <li>' . author($last['AUTHOR_ID']) . '</li> </ul> </div> <table style="width:100%"> <tr> <td style="max-width:30%;vertical-align: top;"><a href="' . $home_url . 'books/' . $last['URL'] . '" class="image featured"><img src="' . $home_url . 'images/books/' . $last['Image'] . '" alt="" /></a></td> <td style="padding-left:1em">' . $last['Description'] . '</td> </tr> </table> </article> '; } while ($last = mysqli_fetch_array($sql_last)); }
<?php
// modPersonne.php
// Modification of a person in the personnes table.
// (The only change made here is setting SUG=0 on the given row.)

// Session check
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
    die('({state:"failed",error:"logOff"})');
}

// With rank 7 anyone can be modified.
if (!author("validNewPerson", null)) {
    die('({state:"failed",error:"your rank is too low"})');
}
if (!isset($_POST['ID'])) {
    die('({state:"failed",error:"missing parameters"})');
}

$personId = $_POST['ID'];
require_once './conx/connexion.php';

// The id is bound as a parameter, never concatenated into the SQL.
$approve = $connexion->prepare('UPDATE ' . $prefixeDB . 'personnes SET SUG=0 WHERE ID=:id');
try {
    $approve->execute(array('id' => $personId));
} catch (Exception $e) {
    // NOTE(review): the exception text is returned to the client unescaped.
    die('({state:"failed",error:"valid personne : ' . $e->getMessage() . '"})');
}

die('({state:"success"})');
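/**
 * Echo one <li> entry per row of a result set, linking to items_admin.php.
 *
 * Row values are now encoded for the context they land in: `id` and `openid`
 * are URL-encoded inside the href, and `name` is HTML-escaped. Values made only
 * of letters, digits, "-", "_" and "." produce the same link as before.
 *
 * NOTE(review): mysql_fetch_array() belongs to the ext/mysql API removed in
 * PHP 7. It is kept because the caller supplies the result handle; migrating
 * has to happen together with the code that runs the query.
 *
 * @param resource $data Result handle as accepted by mysql_fetch_array().
 * @return void
 */
function makeList($data)
{
    while ($val = mysql_fetch_array($data)) {
        // Build the list entry; the shop name is passed through as `name`.
        $href = 'items_admin.php?id=' . urlencode($val['id']) . '&amp;openid=' . urlencode($val['openid']);

        // double_encode is off so a name already stored with entities renders
        // as it did before. Assumes the data is UTF-8 - TODO confirm.
        $name = htmlspecialchars($val['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        // NOTE(review): author() and statue() output is echoed as returned;
        // verify they escape whatever they read.
        echo ' <li class="only4"> <a href="' . $href . '"> <div class="img"><img src="item.jpg" ></div> <h2>' . $name . '</h2> <p class="onlyheight">' . author($val['openid']) . statue($val['status']) . '</p> <span class="icon"> </span> <div class="clr"></div> </a> </li> ';
    }
}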
<?php
// getUsersList.php
// Returns the list of users.

// Session check
include './authcheck.php';
if (!isset($_SESSION['IDtrombi'])) {
    die('({state:"failed",error:"logOff"})');
}

// Administrators only.
if (!author("getUsersList", null)) {
    die('({state:"failed",error:"your rank is too low"})');
}

require_once './conx/connexion.php';

$select = $connexion->prepare('SELECT ID, PSEUDO, EMAIL, NOMPRENOM, DATE, HEURE, RANK FROM ' . $prefixeDB . 'users ORDER BY RANK DESC, PSEUDO ASC;');
$select->execute();

// Collect the members: each row is JSON-encoded on its own and the pieces are
// joined with commas inside the `liste` array of the response.
$jsonData = '';
while ($user = $select->fetch(PDO::FETCH_ASSOC)) {
    $separator = ($jsonData != '') ? ',' : '';
    $jsonData .= $separator . json_encode($user, JSON_FORCE_OBJECT);
}

// Close the result cursor.
$select->closeCursor();

die('({state:"success",liste:[' . $jsonData . ']})');